
Articles about Malware

This Apple Mac has malware. How do I mop up?

We all know that Macs don't get PC viruses. But they can and sometimes do get Mac viruses. Hence this terse request from Dewix in El Reg forums. Mother-in-law has managed to get malware on her Mac. Anyone recommend a no fuss AV? Somewhat sparse on the details, Dewix. Reg readers can you help? Recommendations here. Thank- …
Aaron Milne, 16 Jun 2014

IEEE expands malware initiatives

Standards body the IEEE has launched two new anti-malware initiatives designed to help software and security vendors spot malware that's been inserted into other software, and improve the performance of malware detection by cutting down on false positives. The organisation's Anti-Malware Support Service (AMSS) is designed to …

Watch this! The changing face of malware

The anti-malware software industry seems to be fighting a losing battle, with Symantec even declaring antivirus "dead". In this online tutorial Darryl MacGregor, principal technologist for information security at IT training biz QA, discusses the best strategies for protecting your information assets in the near …
David Gordon, 21 May 2014
Google makes malware microscope Mac mod

Google has upgraded its popular VirusTotal analysis tool by adding a Mac OS X malware uploader in a bid to better understand increasing attacks against Cupertino's fruity 'puters. The tool has been made available for OS X 10.8 and 10.9. Malware and suspicious URL samples uploaded to VirusTotal are checked against 52 anti-malware …
Darren Pauli, 27 May 2014
Attackers raid SWISS BANKS with DNS and malware bombs

Attackers suspected of residing in Russia are raiding Swiss bank accounts with a multi-faceted attack that intercepts SMS tokens and changes domain name system settings, researchers have warned. The attacks sported a clever implementation of malware that pointed victim machines to replica phishing bank sites when they attempt to …
Darren Pauli, 23 Jul 2014
Secluded HijackRAT: Monster mobile malware multitool from HELL

Cybercrooks have brewed up a malicious Android app that bundles a raft of banking fraud tricks into a single strain of mobile malware. The Secluded HijackRAT is a banking trojan that packs together new and previously unseen tricks, according to net security firm FireEye. The mobile nasty combines private data theft, banking …
John Leyden, 03 Jul 2014
Researchers warn of resurgent Sefnit malware

A malware infection which drew headlines in January has returned and is using new techniques to infect and spread among users. Known as Sefnit, the botnet infection was spotted in September of 2013 and triggered alarms earlier this year when researchers warned that millions of systems were likely infected with the malware. …
Shaun Nichols, 29 Apr 2014
Israel develops wireless-malware-injection-by-smartmobe tool

It's not the next Daniel Suarez plot; Israeli academics have developed software they say can use your mobile phone to detect electrical impulses, and foist malware to computers physically disconnected from any internet facing network. Ben Gurion University professor Yuval Elovici told The Times of Israel that his team …
Darren Pauli, 12 Jun 2014
Reddit users discover iOS malware threat

Users on a mobile phone hacking subreddit are being credited with the discovery of a malware infection targeting iOS users. The r/jailbreak community uncovered the infection while assisting a user who had been noticing unusual activity on his jailbroken iPhone. Known as 'Unflod Baby Panda', the infection targets jailbroken iOS …
Shaun Nichols, 18 Apr 2014
Droid malware cloak outwits Google Bouncer and friends

Google's Bouncer Android defence tool is one of a dozen malware detection platforms that can be flawlessly skirted by malware employing smarter heuristics, researchers have found. Malware kitted out with virtual machine detection functions and clever heuristics could bypass seemingly any detection platform on the market. …
Darren Pauli, 13 May 2014
NASDAQ IT security spend: $1bn. Finding mystery malware on its servers: Priceless

NASDAQ servers were infected by malware that exploited two mystery zero-day vulnerabilities, according to a magazine cover story published today. Despite spending a ton of money on computer security, the stock exchange was wide open to attack, we're told. Today's report pulls back the curtain to reveal a little more about …
Iain Thomson, 17 Jul 2014
Malware-as-a-service picks Android apart

Quite possibly the most expensive and capable Android malware the world has yet seen is for sale at $US5000 on underground markets, replete with software-as-a-service support. The iBanking malware has evolved from a simple SMS-stealer to a highly capable application that records audio within the range of a device's microphone, …
Darren Pauli, 22 May 2014
Manic malware Mayhem spreads through Linux, FreeBSD web servers

Malware dubbed Mayhem is spreading through Linux and FreeBSD web servers, researchers say. The software nasty uses a grab bag of plugins to cause mischief, and infects systems that are not up to date with security patches. Andrej Kovalev, Konstantin Ostrashkevich and Evgeny Sidorov, who work at Russian internet portal Yandex, …
Iain Thomson, 18 Jul 2014

Sync'n'steal: Hackers brew Android-targeting Windows malware

Internet Igors have stitched together the first strain of Windows malware that can hop over and infect Android smartphones and tablets. The Droidpak mobile banking trojan exploits syncing between smartphones and Windows PCs to jump from a compromised PC onto an Android device. The Windows Trojan downloads a malicious .APK file …
John Leyden, 27 Jan 2014
Another RAT crawls out of the malware drain

Yet another banking trojan has appeared, using browser hooking to steal data from Internet Explorer, Chrome and Firefox users. Dyreza, or Dyre, is pitched the usual way, via a phishing e-mail (a lesson that's never learned well enough for the approach to fail), and the e-mail contains what purports to be a zipped document that …

PC-infecting chat demon quotes THE BIBLE to summon malware plague

A new Trojan that distributes itself through Facebook instant messaging and Yahoo! Messenger has claimed hundreds of victims. Computer systems have been infected by the software nasty in the UK, Germany, France, Denmark, Romania, the US and Canada during the past week or so, according to Romanian antivirus firm Bitdefender. …
John Leyden, 27 May 2014
Malware gets your Android blabbering to HACKERS

Researchers from the Chinese University of Hong Kong have developed bizarre malware that dictates contacts, emails and other sensitive text data in order to steal it. In the novel attack a seemingly innocuous app that required no permissions called a bad guy's phone number and blabbered the stolen data out of the speakers and …
Darren Pauli, 29 Jul 2014

Yes, there is now BITCOIN-MINING MALWARE for Android

Bitcoin mining on low-powered devices these days is a bad idea, to say the least. As cryptocurrency blockchains grow more complex, even high-powered dedicated mining rigs are having trouble effectively mining coins. Your smartphone, therefore, is going to be about as useful for mining Bitcoin as a soup ladle is for mining actual …
Shaun Nichols, 25 Apr 2014

Microsoft's anti-malware crusade knackers '4 MILLION' No-IP users

Microsoft has won a court order to gain control of 23 No-IP domains owned by dynamic DNS (DDNS) provider Vitalwerks Internet Solutions. The US software giant claimed the domains were being used by malware developed in the Middle East and Africa. Vitalwerks operates its No-IP DDNS service from Nevada, and there is no suggestion …
Iain Thomson, 01 Jul 2014
Android is a BURNING 'hellstew' of malware, cackles Apple's Cook

Apple CEO Tim Cook took a few minutes of his two-hour keynote at Apple's Worldwide Developers Conference (WWDC) on Monday morning in San Francisco to stick his thumb in Android's eye. "Over 130 million customers who bought an iOS device in the past 12 months were buying their first Apple device," Cook told the 6,000 developers …
Rik Myslewski, 02 Jun 2014
Cisco: Hey, IT depts. You're all malware hosts

Everybody – at least every multinational that Cisco checked out for its 2014 Annual Security Report – is hosting malware of some kind, and there aren't enough security professionals to go around. Along with its Managed Threat Defense service launched this week, Cisco also launched the latest publication (here with registration) …

EXPOSED: Massive mobile malware network used by cops globally

A probe by Citizen Lab at the University of Toronto and computer security firm Kaspersky Lab has uncovered a massive network of mobile malware for all phone types that is sold by an Italian firm to police forces around the world. The malware, dubbed Remote Control System (RCS), was produced by a company called Hacking Team. It …
Iain Thomson, 24 Jun 2014

Zoom out for a view of malware, say boffins

One of the reasons malware gets past corporate defences is that a single HTTP request can look perfectly innocent. However, according to research to be presented at a security conference next week, those requests reveal themselves if the defender takes a “big picture” view. According to research to be presented at the Internet …
Malware! tainted! ads! infect! thousands! of! Yahoo! users!

Thousands of Yahoo! users have been exposed to malware through malicious advertisements over the past few days, according to research by Dutch security firm Fox-IT. Malware-tainted ads served from ads.yahoo.com were shown to victims in Romania, Great Britain and France, infecting tens of thousands every hour. The first infection …
John Leyden, 06 Jan 2014

Flappy Bird's ANIMATED CORPSE may spread malware PLAGUE

Cybercrooks have been quick to latch onto the hype about Flappy Bird's demise by laying a variety of malware-based traps. Counterfeit Flappy Bird Android apps packing malware have been spotted all over the web, with sightings by both Trend Micro and Sophos, among others. Trend warns that counterfeit copies of the mobile game …
John Leyden, 12 Feb 2014
NSA installed '50,000 malware sleeper cells' in world computer networks

America's NSA had established an army of "sleeper cells" – malware-infected, remote-controllable computers – on 50,000 networks by the middle of 2012. That's according to the latest leaks from whistleblower Edward Snowden. Dutch newspaper NRC Handelsblad reports that the elite NSA TAO (Tailored Access Operations) hacking squad …
John Leyden, 25 Nov 2013
Using Android 4.3? Don't let malware snatch your private login keys

If you're one of the 10.3 per cent of Android users running version 4.3, aka Jelly Bean, your login keys are at risk of theft – thanks to a vulnerability in the operating system's KeyStore software. KeyStore, as the name suggests, stores a user's cryptographic keys, which are used by apps to log into services without the user …
Iain Thomson, 30 Jun 2014

Feds indict nine for making millions from Zeus malware

The FBI and the US Department of Justice have unsealed charges against nine people accused of racketeering, computer fraud, aggravated identity theft, and multiple counts of bank fraud related to their use of the Zeus malware against victims in the state of Nebraska. "The 'Zeus' malware is one of the most damaging pieces of …
Iain Thomson, 14 Apr 2014

Government-built malware running out of control, F-Secure claims

A surprising number of governments are now deploying their own custom malware – and the end result could be chaos for the rest of us, F-Secure's malware chief Mikko Hyppönen told the TrustyCon conference in San Francisco on Thursday. "Governments writing viruses: today we sort of take that for granted but 10 years ago that would …
Iain Thomson, 28 Feb 2014

Cops cuff 4 in £1m banking fraud malware case

Four people have been arrested and £80,000 in cash seized as part of a Met Police investigation into the theft of an estimated £1m from UK banks using malware. Two men, both aged 31, and two women aged 24 and 27, were arrested on suspicion of conspiracy to defraud and conspiracy to launder money during raids on properties in …
John Leyden, 12 Dec 2013

Cryptome pulled OFFLINE due to malware infection: Founder cries foul

Whistle-blowing site Cryptome has been left temporarily unavailable after its service provider NetSol stopped routing traffic towards the site following the discovery of a suspect and probably malicious PHP file. Cryptome's John Young criticised NetSol's decision to pull the plug on the whistle-blowing site as an overreaction …
John Leyden, 25 Jun 2014

Lads from Lagos turn from 419 scams to basic malware slinging

Nigerian scammers are developing beyond 419 advance-fee fraud scams against individuals by using trojans to steal valuable information from businesses instead. Security researchers at Palo Alto Networks report that cyber criminals in Nigeria have evolved common malware campaigns to infiltrate businesses that have not previously …
John Leyden, 22 Jul 2014
That toolbar you downloaded is malware? Tough, read the EULA

Security software vendor Malwarebytes has highlighted what it says is an increasing trend for malware authors to embed Bitcoin mining into things like browser toolbar helpers and search agents. That's not so new, but its latest observation is that the malware-peddlers are trying to tie up suckers with their license agreements. …

Malware-flinging Linksys vulnerability confirmed as a HNAP1 bug

The worm called “The Moon”, which began spreading between Linksys home broadband kit last week, has been confirmed as a problem with the devices' HNAP1 implementation, and an exploit has been made public. The exploit was posted to Exploit-db.com by user Rew, who said this Reddit discussion meant the “cat's out of the bag”. …

Bank-raid ZeuS malware waltzes around web with 'valid app signature'

A variant of the bank-account-raiding ZeuS Trojan is masquerading as a legit Windows app using a valid digital signature – and packs a rootkit to burrow deep into victims' PCs. It appears miscreants have somehow gained access to the private signing key belonging to a Microsoft-registered third-party developer in Switzerland, and …
John Leyden, 05 Apr 2014

Use MediaWiki and hate malware? This patch is for you

Check Point Software Technologies has announced a remote code execution bug in the popular MediaWiki platform that powers Wikipedia. As detailed here: “Your MediaWiki installation is affected by a remote code execution vulnerability if you have enabled file upload support for DjVu (natively supported by MediaWiki) or PDF files ( …
Russian SpyEye author pleads guilty to starting malware onslaught

Russian national Aleksandr Andreevich Panin has pleaded guilty to charges of banking and wire fraud for his role in developing the SpyEye Trojan, which used botnets of enslaved computers to harvest financial credentials from internet users around the world. "The apprehension of Mr. Panin means that one of the world's top …
Iain Thomson, 29 Jan 2014

NHS website hit by MASSIVE malware security COCKUP

Hundreds of URLs on the NHS website have been flooded with malware by hackers and - at time of writing - it remains exposed. The security blunder was first spotted early this morning and an alert was posted on Reddit along with a list of 587 pages said to have been compromised on the www.nhs.uk site. The Register put calls in …
Kelly Fiveash, 03 Feb 2014

First China banned Bitcoin. Now its crooks are using malware to steal traders' wallets

Cybercrooks have developed a strain of malware that actively targets BTC China and other Bitcoin exchanges. A Zeus P2P/Gameover variant discovered by Trusteer is designed to steal the passwords of traders in the virtual currency. A blog post by the IBM-owned transaction security firm (extract below) explains that the malware is …
John Leyden, 19 Dec 2013

Two million TERRIBLE PASSWORDS stolen by malware attackers

Researchers have uncovered a massive cache of stolen account credentials which could impact some two million users. Security firm Trustwave said that its SpiderLabs reconnaissance team has detected a malware operation which has been able to pilfer account credentials on infected machines and build an archive of lifted passwords …
Shaun Nichols, 04 Dec 2013

People will happily run malware if paid ONE CENT – new study

Security white hats, despair: users will run dodgy executables if they are paid as little as one cent. Even more would allow their computers to become infected by botnet software nasties if the price was increased to five or 10 cents. Offer a whole dollar and you'll secure a herd of willing internet slaves. The demoralising …
Darren Pauli, 18 Jun 2014
Fine! We'll keep updating WinXP's malware sniffer after April, says Microsoft

Microsoft has capitulated to the legions of users who are still running Windows XP once again, by extending support for its antimalware software for the aging OS into 2015. In the past, Redmond has warned that it would discontinue support for Microsoft Security Essentials, Forefront Client Security, Forefront Endpoint Protection …
Neil McAllister, 16 Jan 2014
Rare AutoCAD malware rigs drafting machines for follow-up attacks

Security researchers have discovered a rare strain of AutoCAD malware that opens up compromised machines to secondary exploits. ACM/SHENZ-A poses as a legitimate component of AutoCAD software for computer-aided design (CAD). But analysis by security researchers at Trend Micro has revealed that the malicious file opens up systems …
John Leyden, 25 Nov 2013
'BadNews is malware' says outfit that found it

The BadNews malware debate continues to be batted back and forth, with Lookout, the company that first raised the alarm, maintaining that it is malware in the face of Google's assertion last week that it had seen no malicious activity associated with apps carrying the malware. In conversation with The Register, Lookout's …

Android malware spotted hitching a ride on mobile botnet

Kaspersky Lab has reported the first sighting of mobile malware (Android, of course) that piggybacks on a separate mobile botnet and uses the resources of other malware once it's installed. "For the first time malware is being distributed using botnets that were created using completely different mobile malware," …
Iain Thomson, 06 Sep 2013

Russia charges 'criminal organization' behind Blackhole malware kit

The Russian government has charged a group of people with organized crime offenses related to the creation and use of the Blackhole malware kit. Word first leaked out via Europol in October that a man going by the alias "Paunch", who was suspected of being the creator of the infamous crimeware tool, had been arrested in Russia …
Neil McAllister, 06 Dec 2013

Taiwan bids to bolster security with free malware database

Taiwan’s National Centre for High-Performance Computing (NCHC) has launched what it claims to be the world’s first free malware database designed to help businesses, academics and researchers better identify and defend against criminally-coded attacks. The centre, one of the 11 which comprise Taiwan’s National Applied Research …
Phil Muncaster, 02 Sep 2013

Run for the tills! Malware infected Target registers, slurped 40m bank cards

Target today claimed malware infected its cash registers, which allowed crooks to siphon off copies of 40 million credit and debit cards. Chief executive Gregg Steinhafel said point-of-sale (POS) systems were compromised by a software nasty, which harvested sensitive banking information from customers' magstripes. The …
Shaun Nichols, 14 Jan 2014

New fear: Worm that ransacked US military PCs was blueprint for spies' super-malware

A mystery worm that burrowed into US military computers to steal secrets six years ago may have inspired the development of subsequent government-grade malware Red October, Turla, Flame and Gauss. Researchers at Kaspersky Lab reached this conclusion after finding similarities between Agent.btz – the worm that attacked in 2008 – …
John Leyden, 12 Mar 2014
Norks seed online games with malware in fiendish DDoS plot

South Korea’s National Police Agency (NPA) is warning users not to download unofficial online games as they may contain malware designed by the North to compromise machines which can then be used to launch DDoS attacks on the country. The malware in question collects the location data and IP address and sends them to overseas …
Phil Muncaster, 25 Oct 2013